<?php
class Users {
	function newUser($nick, $password, $jmeno, $prijmeni, $email) {
		$password = sha1($password);
		$nick = MySQLData($nick);
		$jmeno = MySQLData($jmeno);
		$prijmeni = MySQLData($prijmeni);
		$email = MySQLData($email);
		$password = MySQLData($password);
		$sql = "SELECT id FROM users WHERE nick = '$nick'";
		$ps = mysql_query($sql);
		while ($a = mysql_fetch_row($ps)){
			$id = $a[0];
		}
		if (empty($id)) {
			$sql = "INSERT INTO users (nick, password, jmeno, prijmeni, email) VALUES ('$nick', '$password', '$jmeno', '$prijmeni', '$email')";
			mysql_query($sql);
		}
	}
	
	function deleteUser($nick) {
		$nick = MySQLData($nick);
		$sql = "DELETE FROM users WHERE nick = '$nick'";
		mysql_query($sql);
	}
	
	function changePassword($old, $new, $control) {
		if ($new == $control) {
			$password = sha1($new);
			$password = MySQLData($password);
			$old = sha1($old);
			$nick = $_SESSION["auth"]->getNick();
			$heslo = self::getPassword($nick);
			if ($heslo == $old) {
				$nick = MySQLData($nick);
				$sql = "UPDATE users SET password = '$password' WHERE nick = '$nick' LIMIT 1";
				mysql_query($sql);
			}
		}
	}

	function changeData($nick, $jmeno, $prijmeni, $email, $password) {
		$heslo = self::getPassword($nick);
		if(sha1($password) == $heslo){
			$nick = MySQLData($nick);
			$jmeno = MySQLData($jmeno);
			$prijmeni = MySQLData($prijmeni);
			$email = MySQLData($email);
			$sql = "UPDATE users SET jmeno = '$jmeno', prijmeni = '$prijmeni', email = '$email' WHERE nick = '$nick' LIMIT 1";
			mysql_query($sql);
		}
	}
	
	function getPassword($nick) {
		$nick = MySQLData($nick);
		$sql = "SELECT password FROM users WHERE nick = '$nick'";
		$ps = mysql_query($sql);
		while ($a = mysql_fetch_row($ps)){
			return $a[0];
		}
	}
	
	function getJmeno($nick) {
		$nick = MySQLData($nick);
		$sql = "SELECT jmeno FROM users WHERE nick = '$nick'";
		$ps = mysql_query($sql);
		while ($a = mysql_fetch_row($ps)){
			return $a[0];
		}
	}
	
	function getPrijmeni($nick) {
		$nick = MySQLData($nick);
		$sql = "SELECT prijmeni FROM users WHERE nick = '$nick'";
		$ps = mysql_query($sql);
		while ($a = mysql_fetch_row($ps)){
			return $a[0];
		}
	}
	
	function getEmail($nick) {
		$nick = MySQLData($nick);
		$sql = "SELECT email FROM users WHERE nick = '$nick'";
		$ps = mysql_query($sql);
		while ($a = mysql_fetch_row($ps)){
			return $a[0];
		}
	}
	
}